ICE Investigators Expose Darknet Criminals to the Light
The stark, white walls of the Cyber Crimes Center are a direct contradiction to the work that takes place within them. The Department of Homeland Security (DHS) U.S. Immigration and Customs Enforcement (ICE) Homeland Security Investigations’ (HSI) Cyber Crimes Unit investigators submerge themselves in the world of illicit criminal activity that takes place in the shadows of the Darknet.
The Darknet, a subset of the darkweb, or deepweb, is a place where illegal activity thrives and criminals function in perceived anonymity. The Darknet requires specialized software and permission to gain access. Cyber Crimes Center Deputy Assistant Director (DAD), Patrick Lechleitner said,
“The Darknet is not a very sophisticated or special place; it just requires specific permission or access to get into it.”
ICE HSI takes a straightforward role in combating illegal activity on the Darknet. Their workload has increased in recent years as criminal activity has infiltrated the cyber environment. As a criminal investigative unit, HSI and its agents combat criminal activity on the Darknet the same way they do offline: one step at a time.
The Darknet contains shopping-focused websites similar to what is found on the Internet. The sites are called ‘marketplaces,’ and their size can change quickly depending on the attention paid to them says DAD Lechleitner - “Various factors can drive the popularity and size of a marketplace; for example, proprietors will change them or move them around to avoid law enforcement and the scrutiny will drive marketplaces to change.”
Investigators see familiar crimes taking place on the Darknet. Cyber investigations sometimes begin as traditional in nature then progress into the cyber environment. HSI was one of the primary agencies on the Silk Road investigation that revealed large-scale illegal drug and contraband smuggling through the U.S. Postal Service. The investigation eventually led to activity taking place on Darknet marketplaces. “This case, along with Black Market Reloaded, represented a new and evolving area, cyber investigation, for law enforcement that continues to this day,” said DAD Lechleitner.
Investigators discovered a plethora of black market goods available on Silk Road. There were various illegal drugs including heroin, Ecstasy, LSD, marijuana and steroids. Also, illegal weapons, books on how to construct bombs, counterfeit identification and counterfeit merchandise.
Many criminals believe they are operating under a cloak of anonymity when transacting illicit business on the Darknet. This could not be further from the truth. ICE, along with its domestic and foreign partners, is actively engaged in countering Darknet activity. DAD Lechleitner warned; “If you’re conducting illicit activities on the Darknet, there are a lot of risks associated with that and you are not totally anonymous. You shouldn’t be doing anything illicit on the darkweb or the open web for that matter. If you are conducting any illicit activity on the darkweb, there are consequences and federal law enforcement is watching.”
Illegal drugs are one of the most dangerous categories of goods marketed on the Darknet. The anonymous nature of the Darknet lends itself to the illegal trafficking of controlled substances. The criminals who market and sell illegal drugs online do not have to work hard to find customers. Illegal drug users are drawn to the convenience and anonymity of buying on the Darknet. These customers are risking their lives by ordering substances that come from an anonymous source. The perceived anonymity of the transaction only heightens the risk. ICE continues to do what it can. DAD Lechleitner explained: “HSI has a major role in combating the transnational smuggling of illicit drugs. We go after those substances in the dark marketplaces just as we would in the real world.”
HSI Special Agent Jared DerYeghiayan, Chicago, Illinois, has firsthand, extensive knowledge of the Silk Road investigation and Operation Dime Store. He served as the case agent for the operation, analyzed drugs that were seized, compiled evidence, conducted interviews with suspects and participated in arrests.
Operation Dime Store started as a HSI Chicago RAC/O’Hare investigation in summer, 2011. The operation was in response to small drug seizures taking place at the Chicago mail hub. The seizures were unusual, as shipments of that kind were not usually received through letter mail, were coming from international sources in abundance, and were being shipped all over the United States. ICE HSI opened an investigation to look into the specific source of the drugs. Operation Dime Store led agents to the Darknet site Silk Road. Once the breadth and influence of the site was ascertained, HSI’s goals were to find a way to shut down the site, intercept packages to identify vendors, identify the recipients of the shipments and make the drug seizures stop. There was much information to disseminate; in almost three years of operation, more than 1.5 million transactions took place.
The investigators employed a number of different investigative techniques to track drug shipments that were being seized in Chicago. SA DerYeghiayan explained: “We analyzed the fingerprints on packaging, analyzed seized drugs, looked for trends and clues that could lead us to where the site was hosted and made undercover purchases to infiltrate the website. We wanted to identify the vendors.”
As the investigation progressed, SA DerYeghiayan went undercover and eventually became a top lieutenant for the Silk Road website. The work of HSI investigators resulted in the shut down of Silk Road and the arrest of its owner and operator, Ross W. Ulbricht.
In January 2015, the case went to trial in the Southern District of New York and exposed many ways the Silk Road site facilitated the illegal drug trade all over the world and how Ulbricht ran his criminal organization. SA DerYeghiayan served as the lead witness for the government in the Silk Road trial. The result for Ulbricht was a guilty verdict on all counts, including continuing criminal enterprise, hacking, drug smuggling, money laundering and document fraud. He was sentenced to two concurrent life sentences.
SA DerYeghiayan said, “The most satisfying part of this investigation was shutting down the website and stopping the dangerous flow of drugs and weapons across the world; it was very important for me to shut down that website.”
HSI is fully committed to stopping cybercrime and protecting U.S. citizens. DAD Lechleitner warned: “The average American is at risk from Darknet activity in many ways. The illicit nature of the Darknet relates itself to unscrupulous behavior including the theft of personal identification and the existence of counterfeit pharmaceuticals. What people really need to know is when you are conducting what you think is a lawful transaction on the Darknet, you can’t be sure it is lawful. You are putting yourself at a huge risk.”